0

我无法从部署的 bluemix 应用程序连接到 Compose MongoDB 服务。似乎找不到必要的证书。我原以为它会直接从环境变量 VCAP_SERVICES 中获取它。

我可以从我的本地测试环境中很好地运行它,因为我将密钥导入到 Java 中的适当密钥库中。

如果我在 bluemix 上查看他们的 node.js 示例,他们实际上是在连接期间通过了证书。但是,我在 Java API 的任何地方都找不到这个。

我相信我要么需要将此证书添加到 bluemix 上的 VM(似乎不太可能),要么我需要通过 Java 驱动程序传递它,而我不能(看不到如何)。

想法?

作为记录,这是我得到的例外:

com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting for a server that matches 
ReadPreferenceServerSelector{readPreference=primary}. Client view of 
cluster state is {type=UNKNOWN, servers=[{address=bluemix-sandbox-dal-9-portal.7.dblayer.com:26123, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=bluemix-sandbox-dal-9-portal.6.dblayer.com:26123, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]
com.mongodb.connection.BaseCluster.createTimeoutException(BaseCluster.java:377)
com.mongodb.connection.BaseCluster.selectServer(BaseCluster.java:104)
com.mongodb.binding.ClusterBinding$ClusterBindingConnectionSource.<init>(ClusterBinding.java:75)
com.mongodb.binding.ClusterBinding$ClusterBindingConnectionSource.<init>(ClusterBinding.java:71)
com.mongodb.binding.ClusterBinding.getReadConnectionSource(ClusterBinding.java:63)
com.mongodb.operation.OperationHelper.withConnection(OperationHelper.java:402)
com.mongodb.operation.FindOperation.execute(FindOperation.java:510)
com.mongodb.operation.FindOperation.execute(FindOperation.java:81)
com.mongodb.Mongo.execute(Mongo.java:836)
com.mongodb.Mongo$2.execute(Mongo.java:823)
com.mongodb.FindIterableImpl$FindOperationIterable.first(FindIterableImpl.java:216)
com.mongodb.FindIterableImpl.first(FindIterableImpl.java:156)
com.ibm.smarts.experiment.UserMgr.getUserDetails(UserMgr.java:146)
com.ibm.smarts.experiment.UserMgr.authenticateUser(UserMgr.java:123)
com.ibm.smarts.experiment.servlet.LoginServlet.doPost(LoginServlet.java:31)
javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
4

1 回答 1

1

这里记录了一些选项。例如:

将证书导入 Java 信任库文件,将文件打包到 Java 应用程序中,并通过 JAVA_OPTS 环境变量指定其路径;信任库文件可以放在资源目录下。这可用于单个应用程序:

通过使用“cf set-env”命令:

cf set-env <app> JAVA_OPTS '-Djavax.net.ssl.TrustStore=classpath:resources/config/truststore'

通过使用 manifest.yml:

---
applications:
- name: java-app
  ...
  env:
    JAVA_OPTS: '-Djavax.net.ssl.TrustStore=classpath:resources/config/truststore'
于 2017-05-09T09:52:26.780 回答